CVE-2021-20224

Updated: 2022-08-30 08:02:17.053783

Description:

An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum() function in MagickCore/quantum-export.c. Function calls to GetPixelIndex() could result in values outside the range of representable for the 'unsigned char'. When ImageMagick processes a crafted pdf file, this could lead to an undefined behaviour or a crash.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated
Ubuntu 16.04 ELS imagemagick 6.8.9.9-7ubuntu5.16 5.5 MEDIUM In Testing 2022-11-28 13:04:22

Statement

Will not fix: low score